Malware Scanner

What is Malware Scanner?

Malware Scanner is a free online security tool designed to help website owners, developers, and security enthusiasts detect malicious code in their files. Whether you are checking a suspicious PHP file, scanning a plugin before installation, or comparing two versions of a file to spot unauthorized changes, this tool makes the process quick and easy.

Key Features

Multiple Scanning Modes

• File Upload Scan: Upload single files or multiple files (up to 20) for instant malware analysis
• URL Scan: Scan remote files directly from any URL without downloading them first
• File Comparison: Compare two files side-by-side to detect differences and identify injected malicious code

Comprehensive Detection Engine

• 495+ Detection Rules: Combines signature-based and pattern-based scanning for thorough analysis
• 304 Malware Signatures: Detects known shells like WSO, C99, R57, Alfa, b374k, and hundreds more
• 75 Regex Patterns: Identifies dangerous code patterns including eval injections, backdoors, and obfuscation techniques
• 73 Suspicious Filenames: Flags commonly exploited file names and sensitive backup files

Smart Threat Classification

• Severity Levels: Each threat is categorized as Critical, High, Medium, or Low to help you prioritize fixes
• Remediation Tips: Get actionable advice on how to fix each detected issue
• Code Snippets: View the exact lines of suspicious code with syntax highlighting

Specialized Detection Categories

• PHP Shells & Backdoors: WSO, Alfa, IndoXploit, Mini Shell, and 30+ shell variants
• WordPress Malware: wp-vcd infections, malicious theme hooks, unauthorized admin creation
• Injection Attacks: SQL injection, XSS vulnerabilities, open redirects, mail header injection
• Crypto Miners: CoinHive, CryptoLoot, WebAssembly miners, and other cryptocurrency scripts
• SEO Spam: Pharma hacks, casino redirects, and link injection attacks
• htaccess Attacks: Malicious redirects, PHP handler exploits, auto-include backdoors

Detailed Scan Reports

• File Information: View file size, line count, and modification details
• File Hashes: MD5 and SHA256 checksums with one-click copy functionality
• Scan Statistics: See scan duration, bytes analyzed, and patterns checked
• Export Results: Download your scan report as JSON for documentation or further analysis

Supported File Types

PHP, PHTML, PHP3, PHP4, PHP5, PHPS, HTACCESS, TXT, JS, HTML, HTM, INC, and ZIP archives containing these file types.

How to Use

1. Choose Your Scan Mode: Select File Upload, URL Scan, or Compare Files based on your needs
2. Upload or Enter URL: Drag and drop files, browse your computer, or paste a URL
3. Select Scan Depth: Use Normal scan for quick checks or Deep scan for thorough analysis
4. Review Results: Examine detected threats, their severity, affected code lines, and recommended fixes
5. Take Action: Follow the remediation tips to clean infected files or verify false positives

When to Use This Tool

• Before installing themes or plugins from untrusted sources
• After a suspected security breach to find infected files
• During routine security audits of your website
• When comparing original files against potentially modified versions
• To verify files received from clients or third parties

Important Notes

While this scanner uses extensive detection rules, no automated tool catches everything. Some legitimate code may trigger false positives, especially code that uses dynamic function calls or encoding for valid purposes. Always review flagged code manually before making changes. For critical systems, consider professional security audits alongside automated scanning.